Received: by 10.223.185.116 with SMTP id b49csp6408042wrg;
        Wed, 28 Feb 2018 08:56:08 -0800 (PST)
X-Google-Smtp-Source: AH8x225Z6XH9eR9Yi1R/8/h1ZVNQUxZ/e09kE0QREkirv2EgVWr8m9HRyIYp0abSruPJfCG3mEr2
X-Received: by 10.99.52.203 with SMTP id b194mr15170307pga.349.1519836968189;
        Wed, 28 Feb 2018 08:56:08 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519836968; cv=none;
        d=google.com; s=arc-20160816;
        b=xRMUviJH7ctEpKwPIjmTY/ORjLngudWOG9iUyTIEZwn9E0jBEZhaPlubWg4GZ5DAHx
         9PGzPgeGlL/LF+a0OjdcLU/NlFPKTRFke1qrkT5aJJN4JLa8XfXCzzV9QyWiuKyg/B8g
         ZtgVRXDEi/pLCvmqypUndMEsWbfnHRzUCMvE7Mhw9muYtwAUmAD/RONx8L+xAieJ6bgB
         jPkKjLeupKJNTt7hnC/+cjOPijlMVPlcS6lj/L8exkFbLUPV8+Yo1v3Vjn5isltdrlwE
         hsgRU3CclpD11vRzoHpevQoBNbDFUt2blLTC/sCWL6krUwckxlki8fmKiAGAQFz1lMna
         xLFg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature:dkim-signature
         :arc-authentication-results;
        bh=HQhHogxdzvIDXHL3779eXw6k6iYGv6sFJuBp7uDDGrk=;
        b=InCNpYSVilChcPMG0Gu07H3UzMVQr4PQHwDw3CUzRcTr5YKFo6WXpZbKanUPO9NLXJ
         lT0LLfY7WjP3nigOxNmsYgkx/KKRK5DTrbY06Bir0ATdy6bwhDsoyTFRkMxzAe6WZLoA
         uqI3/tY1jVytAbiTHb9mZnOimynQLNhEa9RG9C58VKj79tQNya41w434I/A/tVcL9z9V
         +Ts4X6s8NGyB8AelIw5pSFSm+9yCWDKJpM9mAd7qtggBzFZhAeeQGkkBvyRliSjeUsDp
         mYZpdhY+NTYDqKcpviZexWH+jB1gYz1SoV+c00XqkQacU44H0nMrzqIDxycK1RMtTZct
         CMGg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=OvkmQMLy;
       dkim=fail header.i=@chromium.org header.s=google header.b=NfDj4Uei;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 33-v6si1484191pls.710.2018.02.28.08.55.52;
        Wed, 28 Feb 2018 08:56:08 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=OvkmQMLy;
       dkim=fail header.i=@chromium.org header.s=google header.b=NfDj4Uei;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S932884AbeB1Qyy (ORCPT <rfc822;speed.demon0047@gmail.com>
        + 99 others); Wed, 28 Feb 2018 11:54:54 -0500
Received: from mail-ua0-f195.google.com ([209.85.217.195]:38916 "EHLO
        mail-ua0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S932377AbeB1Qyu (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 28 Feb 2018 11:54:50 -0500
Received: by mail-ua0-f195.google.com with SMTP id e25so1975845uam.6
        for <linux-kernel@vger.kernel.org>; Wed, 28 Feb 2018 08:54:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=HQhHogxdzvIDXHL3779eXw6k6iYGv6sFJuBp7uDDGrk=;
        b=OvkmQMLyh3Z/TiKvlVxmyy5xwYBYvB4r9RSCqH0hFrUj62Ls0ItroECSyJOQmv/rqB
         ZJJkDOt9tliBP9+WXPPssdqTWOAsnVq2slkRv+YKxwdkt0NTh7XCxRayHm3JIds3PAD+
         q/OV2Cr62/8aSDj4PjvG18pNR/9kce8Vk50kdKcQW7mppD/hdX+/OZiIFU+cwBY/2HWw
         vvL9EyjYARvlRA4+Q3S7Pmz7FstqUmyeBmmCfLZ90Dw2qNGqXRlT4/WkI6dT3aU2mXqj
         B4qhEnYLvo4F/OMvoQZ3W46h8WkeaCC234p3Wiqx+4I9kpinX5abgTe+sIwc3ulc85dW
         wT2w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=HQhHogxdzvIDXHL3779eXw6k6iYGv6sFJuBp7uDDGrk=;
        b=NfDj4UeiJ2WDeJAAi77LNKebGqtJO8ICpEYdgJWeYOdGAtvu5zq5Nm+PNTRBWXGbOy
         0QDlCP1+R4UD4RCpYaRv/X498bNp4XxWsZSp3wnySms0DjgrSnVtv7kHzsq/+puyFpix
         mS9Rp1JmgOyZj9I3tGskaAjWkGVSe5QihUBO0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=HQhHogxdzvIDXHL3779eXw6k6iYGv6sFJuBp7uDDGrk=;
        b=RLFnh4IceuWAh8e8/uBfX9Hm1UrX9jmIHRG6AErVB0bqh4EUhTcg1J2Eg1IHmFiaDd
         w+BvfiVDAXvQmLPLD88P6fQplNUaC6ydjkuJBGpYZmpaLtl5M/WQdhhnHvhqhCCnQdjx
         anYKRADYf0HVUEzaFdaIMM5e1LsxcI+X2T8kgTcjYf62sIeeXgNNeraQmJYw227Lgvt/
         t1+ZVzl5bOEuDLKEb2fnLpFr/Xi90TY23P7nvbalZF7u+artxE529nwMP39e7g3SmxSM
         Mz1m7jf2zm0AUCqg63jUj0WZILJpELK8Yv8XpHGZR479TWA/A8+7dZZSAHwjFHUVZIEq
         THRw==
X-Gm-Message-State: APf1xPCP1RxymsOxh6dms9Pqn54hv62oszi6rH1zJZMMuqMQY9u5vdNy
        TrXWzfoMo/IAGQcTcdNVvg2LvDHtqXp46aHMvcY9Zspl
X-Received: by 10.176.48.231 with SMTP id d7mr6318358uam.0.1519836889487; Wed,
 28 Feb 2018 08:54:49 -0800 (PST)
MIME-Version: 1.0
Received: by 10.31.242.140 with HTTP; Wed, 28 Feb 2018 08:54:48 -0800 (PST)
In-Reply-To: <20180228143037.GA3150@pjb1027-Latitude-E5410>
References: <20180228143037.GA3150@pjb1027-Latitude-E5410>
From:   Kees Cook <keescook@chromium.org>
Date:   Wed, 28 Feb 2018 08:54:48 -0800
X-Google-Sender-Auth: Y8FAsG-4tac4mz96GazsRn1VLsw
Message-ID: <CAGXu5j+OUHmviXLeZGzLH3q9F-z1s6-8epG-y1ZusgOyGEy24Q@mail.gmail.com>
Subject: Re: [kernel-hardening] [PATCH 2/2] arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE
To:     Jinbum Park <jinb.park7@gmail.com>
Cc:     linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Kernel Hardening <kernel-hardening@lists.openwall.com>,
        Philippe Ombredanne <pombredanne@nexb.co>,
        Greg KH <gregkh@linuxfoundation.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Kate Stewart <kstewart@linuxfoundation.org>,
        Andy Lutomirski <luto@amacapital.net>,
        Dmitry Safonov <dsafonov@virtuozzo.com>,
        Will Deacon <will.deacon@arm.com>,
        Mark Rutland <mark.rutland@arm.com>,
        Daniel Micay <danielmicay@gmail.com>,
        Arnd Bergmann <arnd@arndb.de>,
        Catalin Marinas <catalin.marinas@arm.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Feb 28, 2018 at 6:30 AM, Jinbum Park <jinb.park7@gmail.com> wrote:
> CONFIG_FORTIFY_SOURCE detects various overflows at compile-time.
> (6974f0c4555e ("include/linux/string.h:
> add the option of fortified string.h functions)
>
> ARCH_HAS_FORTIFY_SOURCE means that the architecture can be built and
> run with CONFIG_FORTIFY_SOURCE.
>
> Since ARM can be built and run with that flag like other architectures,
> select ARCH_HAS_FORTIFY_SOURCE as default.
>
> Signed-off-by: Jinbum Park <jinb.park7@gmail.com>

Acked-by: Kees Cook <keescook@chromium.org>

-Kees

> ---
>  arch/arm/Kconfig | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index 7e3d535..3765336 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> @@ -7,6 +7,7 @@ config ARM
>         select ARCH_HAS_DEBUG_VIRTUAL if MMU
>         select ARCH_HAS_DEVMEM_IS_ALLOWED
>         select ARCH_HAS_ELF_RANDOMIZE
> +       select ARCH_HAS_FORTIFY_SOURCE
>         select ARCH_HAS_SET_MEMORY
>         select ARCH_HAS_PHYS_TO_DMA
>         select ARCH_HAS_STRICT_KERNEL_RWX if MMU && !XIP_KERNEL
> --
> 1.9.1
>



-- 
Kees Cook
Pixel Security